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The present invention relates to a method for submitting the user profile of a client entity which is being registered or has already 
registered itself with a management system of a telecommunications network. In this kind of system, for each client entity is formed at least 
one user profile that is stored ready for retrieval by the telecommunications network performing said registry and that during the registration 
of said client entity is retrieved for the use of said telecommunicadons network management system. According to the invention, at least one 
user profile is stored in the client entity to be registered and is then retrieved directly from the client entity to be registered in conjunction 
widi the registration performed by said client entity. The user profile can be stored, e.g.. in a smart card suited for attachment to the client 
entity to be registered. 
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1 

Method for submitting user profiles to a telecommunications network 

The invention relates to a method according to the preamble of claim 1. 

5 Methods of this category are used in conjunction with the operation of telecommu- 
nications networks for submitting a user profde of a client entity utilizing network 
services to the service provider's telecommunications network. The function of the 
user profile is to compile such information on the owner of the user profile for the 
use of the telecommunications network that may be used to control the content of 

10 the service to be provided to the owner of the user profile. The user profile may 
contain information, e.g., on such telecommunications network addresses or names 
to which calls placed by the owner of the user profile may be connected or, alter- 
natively, on services made accessible to the owner of the user profile. Furthermore, 
the user profile may include information on payment limitations and charge rates 

15 defined for the services to be provided to die owner of the user profile. In practice, 
the services to be provided may be of any type related to the physical layer, data 
link layer, Internet or middleware layer services offered in the network. 

Client entities for which user profiles can be formed belong to the groups of, e.g., 
20 private persons or firms and user applications, software agents and mobile agents. 
User profiles may also be formed for the nodes and subnetworks of the telecommu- 
nications network client's physical/data link layer or Internet layer. A user profile 
or a plurality of profiles can be submitted to the telecommunications network, e.g., 
when the client entity registers itself active with the network. When necessary, user 
25 profiles can be submitted after registration, too. 

In the prior art, user profiles are stored in user home registers maintained by tele- 
communications network operators. Such user home registers form a database 
which is distributed between the telecommunications network operators and permits 
30 an easy verification of user profiles contained in the user home registers. Hence, 
while the database on the user profiles of client entities are generally maintained by 
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the local telecommunications service providers communicating with theur 
subscribers, also other telecommunications network operators have an access to 
these data when necessary. 

5 A problem of the prior-art technique is that when the client entity gains access to 
another operator's network outside the local telephone network operator's region, 
the user profile of the callmg client entity must be retrieved from tiie user home 
register maintained by the local telecommunications network operator. This con- 
vention has the consequence that for a user, particularly for a mobile private 

10 person, mobile application, mobile node, mobile connection or mobile subnetwork, 
the administrative systems of telecommunications network operators must be 
designed for rapidly retrieving the user profile required and then transmitting the 
profile to a telecommunications network access connection or connections, a 
network service management system and a middleware service management system 

15 according to the current need of the client entity. 

Due to the critical fimctions of mobile information transmission systems, the tele- 
communications network operators must acquire interoperator conmiunication and 
data processing facilities that can be run with an ahnost real-time authentication. 

20 However, the erection and maintenance of such facilities is clumsy and steals a 
massive amount of resources, particularly as the number of internetwork accesses 
evidenfly tends to increase in the future. It must also be noted that telecommu- 
nications network operators communicatmg with each other may be located 
physically very remotely from each other, e.g., globally on opposite sides of the 

25 earth. Hence, conventional techniques are hampered by the time-critical operations 
needed between different telecommunications network operators. 

It is an object of the invention to overcome the drawbacks of the above-described 
type and to provide an entirely novel metiiod for submitting user profiles. 

30 

The goal of the invention is achieved by virtue of storing the user profiles at least 
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by their core portions in the client entity subscribing to a telecommunications 
service. Then, during the visit of the client entity in a nonlocal operator's tele- 
communications network, the client entity itself can submit its user profile to the 
operator of the nonlocal telecommunications network being visited. 

5 

More specifically, the method according to the invention is characterized by what is 
stated in the characterizing part of claim 1. 

The invention offers significant benefits. 

10 

When using the method according to the invention, there is no need to fetch the 
user profile of the client entity visiting the nonlocal network from the user home 
register maintained by the operator of the local telecommunications network. 

15 Provided that a sufficiently reliable authentication of the user profile is employed in 
conjunction with the method, there is no need for a real-time data transfer between 
the nonlocal teleconununications network and the user home register maintained by 
the local network when a client entity containing its own user profile attempt to 
register with the nonlocal network to be visited or the entity submitting its user 

20 profile for any reason to the nonlocal networks 

In the following, the invention will be examined with the help of exemplifying 
embodiments. 

25 In the method according to the invention, the user profile is stored in the client 
entity associated with the user profile. Additionally, the user profile can be stored 
in the databases of the telecommunications network operator issuing the user 
profile, that is, the local teleconmiunications network operator, for a possible 
authentication of the user profile. 

30 



When the client entity associated with the user profile visits another telecommuni- 
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cations network, that is, calls another network that the local network, the user 
profile of the client entity is submitted to the network management system of the 
nonlocal network directly from visiting client entity such as the client's smart card, 
application, terminal equipment, network node or client's network. The entity 

5 capable of having a client profile can be an entity associated with the physical 
layer, application layer, data link layer or Internet layer of the network. The user 
profile may also be configured as a private person, company or a group user profile 
for network or middleware use. Respectively, the user profile can be submitted to 
the physical layer, data link layer or Internet layer networks of the nonlocal tele- 

10 conununications network operator as well as to the middleware layer of the 
nonlocal telecommunications network operator. 

In the case that the visiting client entity is a terminal, node or network, it can be 
identified, e.g., from the network ID part of the network address, the network ID 

15 part of the terminal equipment or the network ID part of the network address. 
Respectively, a private person as a user can be identified on the basis of, e.g., a 
smart card and the authentication methods associated therewith. Such a smart card 
can also be the same smart card in which the network and middleware service 
profiles of the user are stored. Applications, agents and mobile agents can be 

20 authenticated with the help of the authentication methods developed for the same. 

Provided that the authentication is sufficiently reliable, based on a smart card, for 
instance, there is no need for real-time data communications between the local 
network operator and the visited network operator when the visiting client entity 

25 submits its user profile to the visited network. Obviously, this arrangement can be 
accomplished with the presumption that the operators maintain in their local 
databases static register lists on stolen terminal equipment and smart cards, for 
instance. Herein, such static information is understood to contain data that need not 
be updated at a frequent rate and, particularly, not in conjunction with each 

30 registry. In practice, the static database is updated, e.g., when a piece of terminal 
equipment or a smart card is reported lost. 
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The user profiles themselves are compiled so that the local telecommunications 
network operator gives the client a blank user profile form which is easy to edit. 
This step can be accomplished using the Java applet technique, for instance. After 
the client has edited the required user profile attributes, the edited form is authenti- 

5 cated by the client's electronic signature. User profile attributes subject to editing 
by the user are, e.g., service and payment limitations desiredly attributed to the 
user profile by the user, definitions on such A subscribers that are to be answered 
and on those not be answered and definitions on such B subscribers that are 
allowed to be contacted by the client entity associated with the user profile, or 

10 respectively, not be contacted. The client may also be allowed to include a list of 
users permitted to use the user profile. Hence, the client need not necessarily be the 
actual user of the user profile. For instance, the user profile may be company- 
specific, whereby the client, that is, the company names ttie users from a group of 
private person users such as the company's employees, for instance. The validity 

15 time of the profile is also stored in the user profile. 

After the client has edited the blank user profile forms presented by the teleconmiu- 
nications network operator, the filled forms are returned to the operator. If the 
forms are found acceptable, the filled forms are confirmed with the operator's elec- 

20 tronic signature and the user profiles are thus ready for use. Next, the confirmed 
user profiles are returned back to the profile users, who can install the profiles, 
e.g., as files in target entities such as smart cards, applications, mobile agents, 
nodes, mobile network management systems or terminals. When requested, a copy 
of such a profile file may then be submitted to the network management system of a 

25 visited network in conjunction with a log-in registry to the visited network. 

The client entity storing its own user profiles submits the required user profiles to 
the visited teleconraiunications network at the instant of registration therewith. 
Thus, the user profiles are inmiediately available to the visited network. When re- 
30 quired, user profiles may also be submitted after registry. The visited telecommu- 
nications network verifies the validity time of the profile and the electronic 
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signature of the telecommunications network operator that has issued the user 
profile. Further, the visited network also verifies that the calling client entity or 
user profile is not on a blocking list. Provided that the user profile is valid, the 
signature is authenticated and neither the calling client entity nor the user profile is 
S found on a blocking list, the user profile can be acknowledged which means that 
services compatible with the user profile will be, on request, delivered in the form 
defined in the user profile. 

Without departing from the scope and spirit of flie invention, also other embodi- 
10 ments different from those described above may be contemplated. For instance, a 
plurality of different user profiles may be stored in the smart card possessed by a 
private person user. Thus, a single smart card can contain, e.g., the employer's 
user profile and the card holder's own user profile or a plurality of such user 
profiles. Thus, a smart card can contain several project-specific user profiles which 
15 the employer has allocated for the use of his employee. By inserting such a 

multiprofile smart card in a suitable terminal, the smart card holder can use the 
services allocated for the desired user profile in any teleconununications network 
capable of supporting said services and the above-described method. Corre- 
spondmgly, a plurality of different user profiles may also be stored m other kinds 
20 of client entities. When a client entity such as a unit contaming a smart card has a 
number of user profiles stored therein, the client entity can decide in a self- 
contained manner which one or ones of the profiles are to be submitted to the 
telecommunications network. 

25 After the client's local telecommunications network operator has allocated the 
required user profiles for use by the client, also the local teleconununications 
network operator can dispense with the need for retrieving die user profiles from 
the user home register maintained by the local telecommunications network 
operator when the client wishes to perform a log-in registration with the local 

30 network. Also in this case, the client entity can submit its user profile to the 

operator's network management system in conjunction with registration. In this 
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occasion, the local telecommunications network behaves in the same manner as a 
visited network in regard to the submission of a user profile. 
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Claims: 

1. Method for submitting a user profile to a telecommunications network manage- 
ment system, said method comprising the step of 

- forming at least one user profile for a client entity, 

- stormg at least one user profile for retrieval by the telecommunica- 
tions network, and 

- retrieving at least one of the stored user profiles for use by the tele- 
communications network management system, 

characterized by 

- stormg at least one of the user profiles in the client entity, and 

- retrieving at least one of the stored user profiles from the client 
entity. 

2. Method according to claim 1, characterized in that each one of the 
user profiles is formed in cooperation between the client and the telecommunica- 
tions network operator issuing the user profile, said cooperation comprising the 
steps of 

* sending a blank user profile form from the telecommunications 
network operator's system issumg user profiles to the client, 

- editing said blank user profile form in the client's system, 
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- submitting the edited user profile form back to the telecommunica- 
tions networks operator's system issuing user profiles, 

- verifying the edited user profile form in the telecommunications 
5 network operator's system issuing user profiles, and 

- provided that the user profile represented by the edited user profile 
fonn is found acceptable: 

10 - accepting the user profile represented by the edited user profile 

form in the telecommimications -network operator's system issuing 
user profiles, and 

- returning the accepted user profile from the telecommunications 
15 network operator's system issumg user profiles back to the client, 

3. Method according to claim 2, characterized m that, after the 
acceptance of the user profile and prior to the return of the same back to the client, 

20 the user profile is authenticated by the electronic signature of die telecommunica- 
tions network operator. 

4. Method according to any of claims 1-3, characterized in that the 
25 user profile is complemented with information on the charge, service and/or call 

restrictions related to the client entity. 

5. Method according to any of claims 1-4, characterized in that the 
30 user profile is complemented with information on the charging of services 

subscribed to by client entity. 



wo 99/55067 



10 



PCT/FI99/00325 



6. Method according to any of claims 1 - 5 for use in conjunction with such a 
client entity that includes a smart card interface and a sman card connected to said 
interface, characterized in diat at least one user profile is stored in said 
smart card to be interfaced with said client entity. 

7. Method accordmg to claim 6, characterized in that in said smart card 
are stored at least two, mutually alternative user profiles. 

8. Method according to any of claims 1-5, characterized in that at least 
one user profile is stored as a file in an application, a mobile agent, a node, a 
mobile network management system or a terminal. 

9. Method according to any of claims 1 - 8 for use in conjunction with the registry 
of a client entity in a telecommunications network, characterized by the 
steps of 

- verifying the user profile retrieved firom the client entity seeking 
registration with the registration system of a teleconununications 
network allocating registrations, and provided that said user profile 
is found acceptable: 

- accepting the user profile^ and 

- submittmg die accepted user profile for use by the service 
management jsystem of the telecommunications network accepting 
the registry. 



wo 99/55067 



11 



PCT/FI99/00325 



10. Method according to claims 3 and 9, characterized in that, in 
conjunction widi the verification of the user profile retrieved from the client entity 
seeking registry with the registration system of a telecommunications network 
allocating registrations, the steps are carried out comprising 

- verifying the validity time of the user profile, the electronic 
signature of the telecommunications network operator that has issued 
the user profile, and the blocking list of user profiles, and 

- if the validity time of the user profile has expired, said electronic 
signature is incorrect or the user profile is found from said blocking 
list of user profiles, rejecting the user profile. 
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